Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
File:                     oYNGitFuaZjU23dpvvv6BuofE0I.mft (raw, json)
Hash identifier:          76CakJ2rwD6pb6/0eDaw9XUsk1uwO29yml7Y+lihYOA=
Subject key identifier:   B8:37:27:9F:AF:FD:F5:77:19:4D:AF:22:80:BE:1F:97:28:66:50:C4
Authority key identifier: A1:83:46:8A:D1:6E:69:98:D4:DB:77:69:BE:FB:FA:06:EA:1F:13:42
Certificate issuer:       /CN=a183468ad16e6998d4db7769befbfa06ea1f1342
Certificate serial:       01989780DB685125D51DE60B2C5C5771950A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
Manifest number:          0FA5
Signing time:             Mon 11 Aug 2025 05:01:00 +0000
Manifest this update:     Mon 11 Aug 2025 05:01:00 +0000
Manifest next update:     Tue 12 Aug 2025 05:01:00 +0000
Files and hashes:         1: oYNGitFuaZjU23dpvvv6BuofE0I.crl (hash: 1G9W6iRG2aQYPAGoqeMI8tU8FHx5CX76O30xnTjNJc8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 12 Aug 2025 02:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:97:80:db:68:51:25:d5:1d:e6:0b:2c:5c:57:71:95:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a183468ad16e6998d4db7769befbfa06ea1f1342
        Validity
            Not Before: Aug 11 05:01:00 2025 GMT
            Not After : Aug 12 05:01:00 2025 GMT
        Subject: CN=b837279faffdf577194daf2280be1f97286650c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:05:96:48:ee:90:78:6f:20:6c:d5:98:d6:09:
                    ac:f5:a8:bd:11:5b:17:d5:2f:bc:2c:67:8f:8d:4c:
                    89:73:b6:6e:88:51:07:a4:83:78:0e:4d:42:69:64:
                    38:81:cb:bd:31:a5:5e:2d:25:bf:ba:25:ca:18:6d:
                    ae:42:62:ca:e5:56:b1:3f:89:b5:22:fa:db:ba:c5:
                    5d:7b:66:e5:ef:80:0b:73:95:de:1e:eb:d0:fc:06:
                    71:68:10:15:bd:d7:ed:ad:e1:c3:4f:8c:b6:69:7b:
                    89:b6:19:3f:30:1b:dc:71:7a:98:a7:98:8c:6c:a5:
                    c6:b8:ac:c4:8d:ae:f3:29:48:96:ed:4f:af:2d:1d:
                    36:1d:ff:46:77:2f:02:38:2a:a6:b4:20:45:f6:49:
                    fc:8c:78:49:72:3e:3d:86:02:41:fb:23:5a:ca:05:
                    45:5b:b2:66:20:86:70:17:3c:0f:d8:85:35:0c:d2:
                    57:aa:6c:bb:8f:3e:6b:f7:b8:f9:c4:1e:14:57:03:
                    6c:ea:a0:d6:78:7d:d8:25:09:52:03:e7:30:0e:d8:
                    03:f2:ec:f8:2c:2f:2d:a5:de:e2:f6:4d:27:c0:5c:
                    84:f2:71:2a:60:df:ae:12:4a:57:ba:73:30:8a:32:
                    19:e4:cc:5a:8c:12:79:28:12:da:b2:bc:5f:79:36:
                    aa:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:37:27:9F:AF:FD:F5:77:19:4D:AF:22:80:BE:1F:97:28:66:50:C4
            X509v3 Authority Key Identifier:
                keyid:A1:83:46:8A:D1:6E:69:98:D4:DB:77:69:BE:FB:FA:06:EA:1F:13:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYNGitFuaZjU23dpvvv6BuofE0I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/689d05-1b14-4f9b-8e7c-371ac7c654da/1/oYNGitFuaZjU23dpvvv6BuofE0I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:42:5b:5c:56:77:ec:c3:2f:ef:cf:bd:e2:22:58:fa:dd:54:
         4f:52:97:da:96:62:b3:ec:dd:73:91:cc:55:b0:0c:a8:eb:1a:
         0a:ce:09:44:21:0e:e4:85:22:5b:ba:3f:3f:61:46:e5:cc:af:
         f4:78:ca:f4:a4:dc:c9:e1:50:83:99:d4:cb:bf:bc:f9:43:92:
         1d:d0:2c:0f:57:d9:a9:8a:01:c1:13:8e:43:aa:9a:69:93:5a:
         b6:e4:54:ac:42:d7:47:ed:8b:73:9c:24:41:6a:02:86:b2:4b:
         85:32:03:dc:e6:4f:35:ec:43:ec:e0:c2:cf:41:5e:d1:5c:f5:
         e7:44:15:44:71:01:96:48:5f:79:45:8c:68:f2:70:f5:11:f4:
         a1:e5:b5:a0:36:15:47:b6:69:4f:f2:3b:6c:1e:6e:ee:7f:0f:
         fd:ee:6f:f9:bb:80:3f:78:10:c3:a7:df:9d:8c:2b:9d:8c:e0:
         0e:7b:ce:9b:e8:c0:4c:eb:66:03:09:67:5b:18:7f:f4:fc:f0:
         5a:1e:35:66:a6:89:bb:32:57:3f:b4:3a:dd:ec:20:f7:f8:76:
         bd:8c:9c:fe:9b:56:e8:54:e1:c5:5a:39:53:80:ac:bf:f7:27:
         ac:89:d4:25:60:40:d6:5a:e8:32:8e:8d:74:b3:53:3b:4d:24:
         af:80:62:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiXgNtoUSXVHeYLLFxXcZUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODM0NjhhZDE2ZTY5OThkNGRiNzc2OWJlZmJmYTA2ZWEx
ZjEzNDIwHhcNMjUwODExMDUwMTAwWhcNMjUwODEyMDUwMTAwWjAzMTEwLwYDVQQD
EyhiODM3Mjc5ZmFmZmRmNTc3MTk0ZGFmMjI4MGJlMWY5NzI4NjY1MGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AWWSO6QeG8gbNWY1gms9ai9EVsX
1S+8LGePjUyJc7ZuiFEHpIN4Dk1CaWQ4gcu9MaVeLSW/uiXKGG2uQmLK5VaxP4m1
IvrbusVde2bl74ALc5XeHuvQ/AZxaBAVvdftreHDT4y2aXuJthk/MBvccXqYp5iM
bKXGuKzEja7zKUiW7U+vLR02Hf9Gdy8COCqmtCBF9kn8jHhJcj49hgJB+yNaygVF
W7JmIIZwFzwP2IU1DNJXqmy7jz5r97j5xB4UVwNs6qDWeH3YJQlSA+cwDtgD8uz4
LC8tpd7i9k0nwFyE8nEqYN+uEkpXunMwijIZ5MxajBJ5KBLasrxfeTaqCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLg3J5+v/fV3GU2vIoC+H5coZlDEMB8GA1UdIwQY
MBaAFKGDRorRbmmY1Nt3ab77+gbqHxNCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82ODlkMDUtMWIxNC00ZjliLThlN2Mt
MzcxYWM3YzY1NGRhLzEvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82ODlkMDUtMWIxNC00ZjliLThlN2MtMzcxYWM3YzY1NGRh
LzEvb1lOR2l0RnVhWmpVMjNkcHZ2djZCdW9mRTBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJEJbXFZ3
7MMv78+94iJY+t1UT1KX2pZis+zdc5HMVbAMqOsaCs4JRCEO5IUiW7o/P2FG5cyv
9HjK9KTcyeFQg5nUy7+8+UOSHdAsD1fZqYoBwROOQ6qaaZNatuRUrELXR+2Lc5wk
QWoChrJLhTID3OZPNexD7ODCz0Fe0Vz150QVRHEBlkhfeUWMaPJw9RH0oeW1oDYV
R7ZpT/I7bB5u7n8P/e5v+buAP3gQw6ffnYwrnYzgDnvOm+jATOtmAwlnWxh/9Pzw
Wh41ZqaJuzJXP7Q63ewg9/h2vYyc/ptW6FThxVo5U4Csv/cnrInUJWBA1lroMo6N
dLNTO00kr4BiYQ==
-----END CERTIFICATE-----